Electronic Health Records (EHRs) are a relatively new computer technology that can help major medical systems cope with the complex problems of traditional medical records, such as storage and sharing [1]. The COVID-19 pandemic has also led independent healthcare organizations to develop their own EHR management systems ^[2][3][2,3].

The traditional EHR model relies on a centralized storage center. With the application of cloud services, more and more medical institutions are transferring data to cloud service providers ^[4][5][4,5]. The traditional EHR model also allows for data sharing within a limited range of healthcare organizations. However, the conventional EHR model faces several challenges:

1.

Health data is exceedingly sensitive and necessitates robust protection. Storage servers, however, may compromise user privacy for financial gain. For instance, although users authorize professional healthcare staff to access their health data, storage servers could leak users’ personalized EHRs for medical research, drug advertising, and other purposes without obtaining users’ consent, thereby enhancing their profits [6].

2.

When medical disputes arise, users may suspect that the original EHRs stored in the storage systems have been tampered with due to their mistrust of third parties. Moreover, sharing data stored in these systems across different platforms with specific access control policies is challenging [7].

Blockchain technology provides a public, digitized, distributed ledger, as first proposed by Nakamoto [8]. It has been widely used in cryptocurrency transactions, such as Bitcoin [8], Ether [9], HyperLedger [10], and ZeroCash [11], and has become the key technology for data-sharing systems [12]. All nodes in the blockchain construct a peer-to-peer (P2P) network to interconnect. All participating nodes are equal, collaboratively providing services without a single central point, which can avoid the risk of the single-point bottleneck.

Due to its excellent characteristics of decentralization, openness, and so on, the blockchain-based EHR model can widely carry out data sharing ^[13][14][13,14]. It is worth noting that the blockchain-based EHR model has the characteristics of decentralization and openness compared with the traditional EHR model, which is very suitable for multi-party medical data sharing. The blockchain-based EHR model is the future trend of EHR model development. However, introducing a blockchain-based EHR model with the possibility of third-party storage institutions leads to not completely decentralized storage, and the related privacy protection scheme is still worth perfecting ^[15][16][15,16].

With the introduction of the General Data Protection Regulation (GDPR), the concept of the user’s “right to be forgotten” has been widely recognized, and the immutability of blockchain is contrary to this. Therefore, redactable blockchain has been widely proposed ^[17][18][19][17,18,19]. Presently, redactable blockchains primarily find application in the Internet of Things (IoT) ^[20][21][22][20,21,22].

2. Traditional EHR Models

Cloud-based Electronic Health Record (EHR) models form the foundation of most contemporary healthcare data management systems. For instance, Zhou et al. introduced a cloud storage-based multi-copy medical data storage scheme [4]. This solution enables multiple parties to share medical data. However, it heavily relies on a third-party auditor, necessitating a shift towards decentralization. Furthermore, Hua et al. proposed CINEMA, a framework that allows users to query medical data at the service provider level without requiring decryption [5]. Notably, the decryption process is exclusive to users, enhancing access to online medical services while mitigating data leakage risks. However, CINEMA requires cloud servers with high computing and storage performance to enable simultaneous queries from millions of users. Additionally, Wei et al. developed RS-HABE, a revocable hierarchical encryption storage scheme leveraging Attribute-Based Encryption (ABE) ^[23][27]. This scheme incorporates user revocation, key delegation, and ciphertext update functionalities. However, RS-HABE is encumbered by lengthy key generation times and sizable key lengths, necessitating substantial storage space for key retention. It is worth noting that traditional EHR models are becoming increasingly aligned with the medical needs of the current era. For example, traditional EHR models adopt cloud services, eliminating the data-sharing issues prevalent in previous EHR models. Moreover, the implementation of encryption makes traditional EHR models more secure. While these schemes provide secure storage and fine-grained access control in the cloud, they still face challenges, such as preventing internal malicious attacks and cloud server crashes. Hence, this respapearch r proposes a distributed blockchain-based system as an alternative to cloud servers for data storage and privacy protection.

3. Blockchain-Based EHR Models

Traditional EHR models have shortcomings, and many researchers are exploring using blockchain to address challenges in medical data sharing. The primary applications of blockchain technology in this context revolve around patient privacy protection and efficient patient data management. Firstly, blockchain-based healthcare data-sharing schemes show potential for adequate patient privacy protection. For instance, Xu et al. proposed a blockchain-based medical IoT privacy protection scheme named HealthChain ^[24][28]. Though effective, HealthChain’s double-chain structure escalates computational costs. Meanwhile, Wang et al. developed MedShare, a trusted data-sharing platform utilizing innovative contracts, offering fine-grained access control to enhance patient privacy [6]. However, Xu et al.’s blockchain-based scheme for COVID-19 pandemic tracing relies on third-party storage services, introducing potential privacy leakage risks [12]. Secondly, blockchain technology promises advantages in healthcare data management. A data-sharing scheme in the consortium blockchain illustrates how users can initiate search requests to data owners ^[25][29]. Nonetheless, this system lacks full decentralization. Wang’s blockchain-based data management scheme for the Internet of Medical Things (IoMT) calls for nuanced user privacy distinction to prevent potential information leaks ^[26][30]. Zhang and Poslad [16] utilized Shamir’s secret sharing to authenticate users and doctors for fine-grained access authorization. However, in Zhang et al.’s scheme, EMRs are stored in a blockchain, which is maintained in a trusted cloud, leading to centralization. Zaabar et al. proposed a decentralized storage scheme called HealthBlock ^[27][31]. In HealthBlock, the introduction of blockchain and IPFS technology has enabled a decentralized medical system, and this decentralized storage is conducive to preventing data leaks and sharing medical data. It is worth noting that the blockchain-based EHR model has the characteristics of decentralization and openness compared with the traditional EHR model, which is very suitable for multi-party medical data sharing. Moreover, with continuous research improvement, a blockchain-based EHR model can effectively protect patients’ medical privacy data. It can be said that the blockchain-based EHR model is the future trend of EHR model development ^[28][29][23,24]. Although blockchain-based EHR models are the emerging trend in this field, numerous challenges must be addressed. The primary issues involve achieving maximum decentralization and protecting user privacy to the greatest extent possible. These problems require our immediate attention and resolution ^[13][14][30][13,14,32]. Furthermore, it is critical to highlight that blockchain-based EHR models can safeguard users’ privacy effectively. However, there is ample room for improvement, particularly in balancing privacy protection with operational efficiency. Blockchain-based EHR models must also prevent the privacy issues third parties pose whenever possible ^[15][31][15,33]. Thus, the central question posed in this rpapesearchr is how can we strengthen privacy protection without compromising efficiency and how can we decentralize related systems to the greatest possible degree?

4. Redactable Blockchain and Its Applications in the Medical Field

The unique properties of blockchain technology, including decentralization, immutability, and anonymity, have attracted significant attention from researchers ^[32][33][34][34,35,36]. However, malicious actors can also exploit these characteristics for illicit activities, such as inserting unlawful information and taking advantage of blockchain’s immutability ^[35][36][37,38]. In light of the emerging concept of the “right to be forgotten”, the immutable nature of blockchain necessitates adaptation to contemporary needs ^[37][39]. Consequently, the field of redactable blockchains has garnered substantial attention. Redactable blockchain has been extensively studied, and many models have emerged ^[38][39][40][40,41,42]. Redactable blockchains are primarily employed in the Internet of Things (IoT) ^[20][22][20,22]. For instance, Wei et al. propose a redactable blockchain-based framework for federated learning [21]. The method employs a trapdoor distributed management mode, making it difficult to tamper with blockchain data. Additionally, Xu et al. ^[41][43] proposed a redactable identity management scheme in which users can delete or modify their identity information on the chain when they exit the network after completing authentication. It is worth noting that these redactable blockchain models used in the IoT field exhibit excellent performance. These solutions enable decentralized management and storage. However, the redactable blockchain applications mentioned above are specific to the IoT context. The application of redactable blockchain in the medical field necessitates corresponding modifications and adjustments. The primary reason for these changes is that in the IoT environment, blockchain-based applications should prioritize speed ^[42][25]. At the same time, the demand for privacy protection in the medical field is more significant than that, in the IoT environment. In the medical field, blockchain-based applications must prioritize user privacy. If user privacy is compromised, it may lead to the disclosure of patients’ disease information, medical data, and other sensitive information, resulting in significant losses for patients ^[43][44][44,45]. However, a scheme outlined in ^[45][26] utilized a redactable blockchain in the healthcare sector at a block-level data editing scale. This approach requires modifying all data on the block when only a single piece requires alteration, impeding efficient data maintenance on the redactable blockchain. In contrast, Rahul et al. introduced DS-Chain, an EHR storage system based on a deletable blockchain [46]. However, it lacks the functionality to add and modify medical data. Lastly, Zhang et al. developed a medical data-sharing system using a redactable blockchain with chameleon hashing, maintaining hash consistency pre- and post-block modification [47]. However, this system’s reliance on an administrator for the chameleon hash’s trapdoor raises potential security concerns.